<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
</head>
<body>
<?php
	session_start();
	 
	$login = $_POST['login'];
	$pass = $_POST['password'];

	try {
		$db = new PDO("sqlite:siwoz.db");
		$result = $db->query("SELECT * FROM physicians where login='$login' and password = '$pass'");
		$logged = false;
		$id = 0;
		foreach ($result as $row) {
			$logged = true;
			$id = $row['id'];
			echo $id;
		}
		if ($logged) {
			$_SESSION['loggedin'] = true;
			$_SESSION['userId'] = $id; 
			header("Location: patients-list.php");		 
		} else {
			header("Location: index.php");
			exit;	
		}
		$db = null;
	}
	catch(PDOException $e)
	{
		echo $e->getMessage();
	}
?>

</body> </html>